-
Notifications
You must be signed in to change notification settings - Fork 18
162 lines (147 loc) · 5.36 KB
/
prod-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
name: Promote staging to PROD
on:
release:
types:
- released
workflow_dispatch:
concurrency:
group: production-deployment
cancel-in-progress: false # Wait for staging-deploy to finish
jobs:
sync-staging-prod:
permissions:
contents: 'read'
id-token: 'write'
runs-on: ubuntu-latest
environment: production
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
path: apps
- name: prepare env logic
id: prepare
uses: ./apps/.github/actions/prepare-deploy
with:
app_base_name: app
deploy_to: 'production'
- name: Auth gcloud
id: gauth
uses: google-github-actions/auth@ef5d53e30bbcd8d0836f4288f5e50ff3e086997d # @v1
with:
workload_identity_provider: '${{ secrets.GWIP }}'
service_account: '${{ secrets.GSA }}'
- name: 'Set up Cloud SDK'
uses: google-github-actions/setup-gcloud@62d4898025f6041e16b1068643bfc5a696863587 # @v1
- name: Sync webpack from staging
run: gsutil -m rsync -d -r gs://app.staging.centrifuge.io gs://${{ steps.prepare.outputs.front_url }}
retrieve-prod-assets:
runs-on: ubuntu-latest
steps:
- name: Download artifact
id: download-artifact
uses: dawidd6/action-download-artifact@v2
with:
workflow: staging-deploy.yml
workflow_conclusion: "" # This will fail if the staging deployment isn't finished yet
# check_artifacts: true # This will search for the last available artifact, useful for testing
# Alternative: download from the release instead of
# workflow artifacts
# - uses: dsaltares/fetch-gh-release-asset@master
# with:
# repo: 'centrifuge/apps'
# version: 'tags/${{ github.ref_name }}'
# file: ".*-api\\.zip"
# # target: "./releases/"
# regex: true
# # target: 'subdir/${{ matrix.artifact_name }}.zip'
# # token: ${{ secrets.GITHUB_TOKEN }}
# - name: Unzip release files
# run: |
# unzip pinning-api.zip -d pinning-api 1> /dev/null
# unzip onboarding-api.zip -d onboarding-api 1> /dev/null
# Debug artifacts:
# - name: list artifact files
# run: |
# ls -la ./
# ls -la pinning-api/
# ls -la onboarding-api/
# echo "Workspace PATH: ${{ github.workspace }}"
# ls -la $GITHUB_WORKSPACE
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce #@3.1.2
with:
name: onboarding-api
path: ${{ github.workspace }}/onboarding-api-staging/
if-no-files-found: error
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce #@3.1.2
with:
name: pinning-api
path: ${{ github.workspace }}/pinning-api-staging/
if-no-files-found: error
pinning-prod-deploy:
needs: retrieve-prod-assets
runs-on: ubuntu-latest
environment: production
permissions:
contents: 'read'
id-token: 'write'
env:
app_name: pinning-api
function_handler: pinningApi
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
path: apps
- name: Deploy Gfunction
id: functionsdeploy
uses: ./apps/.github/actions/deploy-gfunction
with:
app_name: ${{ env.app_name }}
GWIP: ${{ secrets.GWIP }}
GSA: ${{ secrets.GSA }}
target: ${{ env.function_handler }}
gcloud_region: ${{ vars.GCLOUD_REGION }}
service_account: "${{ vars.PINNING_API_FUNCT_SA }}"
deploy_env: production
onboarding-prod-deploy:
needs: retrieve-prod-assets
runs-on: ubuntu-latest
environment: production
permissions:
contents: 'read'
id-token: 'write'
env:
app_name: onboarding-api
function_handler: onboarding
steps:
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
path: apps
- name: Deploy Gfunction
id: functionsdeploy
uses: ./apps/.github/actions/deploy-gfunction
with:
app_name: ${{ env.app_name }}
GWIP: ${{ secrets.GWIP }}
GSA: ${{ secrets.GSA }}
target: ${{ env.function_handler }}
service_account: "${{ vars.ONBOARDING_FUNCT_SA }}"
gcloud_region: ${{ vars.GCLOUD_REGION }}
deploy_env: production
prod-slack-notify:
needs: [sync-staging-prod, onboarding-prod-deploy, pinning-prod-deploy]
runs-on: ubuntu-latest
steps:
- name: Notify prod deploy
uses: rtCamp/action-slack-notify@12e36fc18b0689399306c2e0b3e0f2978b7f1ee7
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
SLACK_MESSAGE: |
app.staging.centrifuge.io has been promoted to app.centrifuge.io and is now LIVE!
Check out the new release -> https://github.com/centrifuge/apps/releases/
SLACK_USERNAME: "Centrifuge GHA Bot"
SLACK_ICON: "https://centrifuge.io/favicon.ico"
SLACK_TITLE: "Centrifuge app has been promoted to prod."
SLACK_FOOTER: "Automatic message from centrifuge/apps repository Actions"